How severe is CVE-2025-26791?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.5 out of 10.

What type of vulnerability is CVE-2025-26791?

This is classified as CWE-79, which is a common weakness in software security.

CVE-2025-26791

MEDIUM Year: 2025

CVSS v3 Score

4.5

Medium

Weakness Type

CWE-79

View all →

Vulnerability Description

DOMPurify before 3.2.4 has an incorrect template literal regular expression, sometimes leading to mutation cross-site scripting (mXSS).

CVE-2023-1316

MEDIUM

CVSS:4.5(Medium)

Cross-site Scripting (XSS) - Stored in GitHub repository osticket/osticket prior to v1.16.6.

CWE-792023

CVE-2023-23408

MEDIUM

CVSS:4.5(Medium)

Azure Apache Ambari Spoofing Vulnerability

CWE-792023

CVE-2023-35393

MEDIUM

CVSS:4.5(Medium)

Azure Apache Hive Spoofing Vulnerability

CWE-792023

CVE-2023-36877

MEDIUM

CVSS:4.5(Medium)

Azure Apache Oozie Spoofing Vulnerability

CWE-792023

CVE-2023-36881

MEDIUM

CVSS:4.5(Medium)

Azure Apache Ambari Spoofing Vulnerability

CWE-792023

CVE-2023-38188

MEDIUM

CVSS:4.5(Medium)

Azure Apache Hadoop Spoofing Vulnerability

CWE-792023

CVE-2025-26791

Vulnerability Description

Related Vulnerabilities

CVE-2023-1316

CVE-2023-23408

CVE-2023-35393

CVE-2023-36877

CVE-2023-36881

CVE-2023-38188